

Notice of Allowability

Application No.: 09/853,395
Applicant(s): STRONGIN ET AL.
Examiner: Minh Dieu Nguyen
Art Unit: 2137

The MAILING DATE of this communication appears on the cover sheet with the correspondence address.
All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308.

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).

a) □ All b) □ Some* c) □ None of the: 
EXAMINER'S AMENDMENT

1. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Mark W. Sincell on 1/9/2007. 

2. The application has been amended as follows: 
In claim 1, the paragraph 

"A system, comprising: 
a crypto-processor; 

a memory coupled to receive memory transactions through the crypto-processor, 
wherein the memory transactions are passed to the memory by the crypto-processor; 
and 

a device different from the crypto-processor, wherein the device is configured to 
request the memory transactions passed to the memory by the crypto-processor." 
has been changed to 

--A system, comprising:

a crypto-processor; 

a memory coupled to receive memory transactions through the crypto-processor, 
wherein the memory transactions are passed to the memory by the crypto-processor; 

a device different from the crypto-processor, wherein the device is configured to
request the memory transactions passed to the memory by the crypto-processor;

wherein the crypto-processor includes a secret; and wherein the crypto-processor
is configured to demand an authorization before passing memory access to
the memory, wherein the authorization comprises an indication from the device that
knows the secret, wherein the indication of the secret comprises a correct response to a
challenge-response authentication.--

In claim 6, the paragraph 
"(Currently Amended)" 
has been changed to 

--Canceled--

In claim 7, the paragraph 
"(Original)" 
has been changed to 

--Canceled--

In claim 20, the paragraph 

"A method of operating a computer system, the computer system including a 
crypto-processor, a device different from the crypto-processor, and a storage device, 
the method comprising: 

transmitting a request for a memory transaction for a storage location in the
storage device, wherein transmitting the request for the memory transaction for the 
storage location in the storage device comprises the device initiating the request for the 
memory transaction for the storage location in the storage device; 

receiving the request for the memory transaction at the crypto-processor; 

determining if the memory transaction is authorized for the storage location; 

passing the request for the memory transaction to the storage device if the 
memory transaction is authorized for the storage location." 
has been changed to 

--A method of operating a computer system, the computer system including a
crypto-processor, a device different from the crypto-processor, and a storage device, 
the method comprising: 

transmitting a request for a memory transaction for a storage location in the 
storage device, wherein transmitting the request for the memory transaction for the 
storage location in the storage device comprises the device initiating the request for the 
memory transaction for the storage location in the storage device; 

receiving the request for the memory transaction at the crypto-processor; 

determining if the memory transaction is authorized for the storage location; 

passing the request for the memory transaction to the storage device if the 
memory transaction is authorized for the storage location, wherein passing the request 
for the memory transaction to the storage device if the memory transaction is authorized 
for the storage location comprises passing the request for the memory transaction to the
storage device only if the memory transaction is authorized for the storage location; 

wherein the crypto-processor includes a secret; and wherein determining if the 
memory transaction is authorized for the storage location comprises demanding an 
authorization from the device initiating the request, wherein the authorization comprises 
an indication from the device that knows the secret; 

wherein the indication of the secret comprises a correct response to a
challenge-response authentication; and wherein demanding an authorization from the device
initiating the request comprises providing a challenge to the device, and the device
providing the correct response to the challenge.--

In claim 21, the paragraph
"(Original)"
has been changed to
--Canceled--

In claim 25, 

"(Original) The method of claim 21"
has been changed to 

--(Currently amended) The method of claim 20,-- 



In claim 30, the paragraph 
"(Original)"
has been changed to

--Canceled--

In claim 31, the paragraph
"(Original)"
has been changed to
--Canceled--

In claim 32, 

"(Original) The method of claim 31"
has been changed to 

--(Currently amended) The method of claim 20,-- 

In claim 59, the paragraph 

"A computer readable program storage device encoded with instructions that, 
when executed by a computer system including a crypto-processor, a device different 
that the crypto-processor, and a storage device, performs a method of operating the 
computer system, the method comprising: 

transmitting a request for a memory transaction for a storage location in the 
storage device, wherein transmitting the request for the memory transaction for the 
storage location in the storage device comprises the device initiating the request for the
memory transaction for the storage location in the storage device; 

receiving the request for the memory transaction at the crypto-processor; 

determining if the memory transaction is authorized for the storage location; 

passing the request for the memory transaction to the storage device if the 
memory transaction is authorized for the storage location." 
has been changed to 

--A computer readable program storage device encoded with instructions that,
when executed by a computer system including a crypto-processor, a device different 
from the crypto-processor, and a storage device, performs a method of operating the 
computer system, the method comprising: 

transmitting a request for a memory transaction for a storage location in the 
storage device, wherein transmitting the request for the memory transaction for the 
storage location in the storage device comprises the device initiating the request for the 
memory transaction for the storage location in the storage device; 

receiving the request for the memory transaction at the crypto-processor; 

determining if the memory transaction is authorized for the storage location; 

passing the request for the memory transaction to the storage device if the 
memory transaction is authorized for the storage location, wherein passing the request 
for the memory transaction to the storage device if the memory transaction is authorized 
for the storage location comprises passing the request for the memory transaction to the
storage device only if the memory transaction is authorized for the storage location;

wherein the crypto-processor includes a secret; and wherein determining if the
memory transaction is authorized for the storage location comprises demanding an
authorization from the device initiating the request, wherein the authorization comprises
an indication from the device that knows the secret;

wherein the indication of the secret comprises a correct response to a
challenge-response authentication; and wherein demanding an authorization from the device
initiating the request comprises providing a challenge to the device, and the device
providing the correct response to the challenge.--

In claim 60, the paragraph 
"(Original)" 
has been changed to 

--Canceled--

In claim 64, 

"(Original) The computer readable program storage device of claim 60," 
has been changed to 

--(Currently amended) The computer readable program storage device of claim 59,--



In claim 69, the paragraph 
"(Original)" 
has been changed to

--Canceled--

In claim 70, the paragraph 
"(Original)" 
has been changed to 

--Canceled--

In claim 71, 

"(Original) The computer readable program storage device of claim 70," 
has been changed to 

--(Currently amended) The computer readable program storage device of claim 59,--

Allowable Subject Matter 

3. Claims 1-3, 4, 8-17, 20, 22, 25-28, 32, 59, 61, 64-67 and 71 are allowed. 

4. The following is an examiner's statement of reasons for allowance: 

In light of the specification, the present invention is directed to a method and
system for enhanced security and manageability for PC BIOS ROM and other secure
storage. Each independent claim (claims 1, 20 and 59) identifies the uniquely distinct
features: the computer system includes a requesting device, a storage device and a
security device, with the requesting device operably coupled to the storage device
through the security device; receiving a transaction request for a storage location
associated with the storage device from the requesting device; determining if the
requesting device is authorized to access the storage device, wherein determining if the
requesting device is authorized to access the storage device may include providing a
challenge in response to receiving the transaction request, receiving a response to the
challenge, and determining if the response to the challenge is equal to an expected
response. The closest prior art references, Davis (5,844,986), Bress et al. (6,813,682),
Brant et al. (5,848,435) and Baird, III et al. (6,732,278), fail to anticipate or render
the above limitations obvious.
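
The challenge-response gate described in the statement of reasons above, sketched as an added example that is not part of the Office action or the application. The HMAC-SHA256 response, the class and function names, and the sample secret and storage contents are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values (not from the Office action).
SECRET = b"constructed-demo-secret"
STORAGE = {0xFFFF0: b"constructed BIOS block"}

def expected_response(secret, challenge, address):
    # Assumption: response = HMAC-SHA256(secret, challenge || address).
    msg = challenge + address.to_bytes(4, "big")
    return hmac.new(secret, msg, hashlib.sha256).digest()

class Device:
    """Requesting device; authorized only if it knows the gate's secret."""
    def __init__(self, secret):
        self._secret = secret

    def respond(self, challenge, address):
        return expected_response(self._secret, challenge, address)

class CryptoProcessorGate:
    """Sits between devices and storage; passes a read only when authorized."""
    def __init__(self, secret, storage):
        self._secret = secret
        self._storage = storage
        self._pending = {}  # address -> outstanding single-use challenge

    def request(self, address):
        """Receive a transaction request; answer with a fresh challenge."""
        challenge = secrets.token_bytes(16)
        self._pending[address] = challenge
        return challenge

    def complete(self, address, response):
        """Pass the transaction to storage only if the response is correct."""
        challenge = self._pending.pop(address, None)  # consumed on first use
        if challenge is None:
            return None  # replayed or unsolicited response
        want = expected_response(self._secret, challenge, address)
        if not hmac.compare_digest(want, response):
            return None  # device does not know the secret
        return self._storage.get(address)

def read(gate, device, address):
    """One full exchange: request, challenge, response, gated access."""
    challenge = gate.request(address)
    return gate.complete(address, device.respond(challenge, address))
```

Because each challenge is random and consumed on first use, a response captured from one exchange is rejected if presented again.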

5. Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dieu Nguyen whose telephone number is
571-272-3873.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you
have questions on access to the Private PAIR system, contact the Electronic Business
Center (EBC) at 866-217-9197 (toll-free).